14 DAY TRIAL // Microsoft says start gearing up on antivirus engines, based on "the more the merrier" security strategy. And in this context, the Redmond company is offering Forefront Security for Exchange Server and Forefront Security for SharePoint as the best security solutions to bulletproof Exchange Server 2007, Office SharePoint Server 2007 and Windows SharePoint Services 3.0. The secret behind the Forefront line of solutions is the fact that the products incorporate multiple antivirus scan engines. Essentially, Microsoft's Forefront permits the bundling of multiple antivirus engines and in this manner the creation of a comprehensive security solution. Still, tests run by the Redmond company, as well as AV-Test.org reveal that Forefront should be given some consideration.
"Using multiple scan engines delivers several critical advantages. It increases the chances that emerging threats will be quickly caught. It provides redundancy to help protect against scan failures or defects in individual engines; if an engine fails, other engines continue scanning messages. It gives administrators an effective way to choose the most appropriate level of protection for their environment given their security needs and server performance capabilities. It allows engines to be taken offline for updates or reconfiguration without forcing messages to be queued," commented David Burt, Product Manager, Communications Forefront security.
The image included on the left is a clear illustration of the performances delivered by Forefront in comparison to single engine solutions. As you can see from the diagram, combining antivirus engines makes Forefront tackle the vast majority of threats in less than five hours. Only a few continue to represent a potential risk after 24 hours. And in this context, Forefront has the upper hand over single engine products.
"The tests compared AV lab response times for eighty-two "in the wild" viruses and variants. Twenty-six of the viruses were quickly detected by all the scan engines, but some engines didn't detect viruses for more than twenty-four hours. In a few cases (notably 0506 Banwarum.C@mm), some vendors didn't update their signatures to provide a block until nearly five days had elapsed," Burt added citing the results from the comparison performed in October.
